Tenda FH1202 Command Injection Vulnerability

Tenda FH1202 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a total transmission rate of 1200Mbps. The Tenda FH1202 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failing to properly filter...

Tenda AC7 Command Injection Vulnerability

Tenda AC7 is a 1200M dual-band wireless router designed for large households by Tenda Technology, which adopts the 802.11ac standard and supports dual-band concurrent transmission with a wireless rate of up to 1167Mbps. Tenda AC7 suffers from a command injection vulnerability that stems from the...

Tenda W30E Command Injection Vulnerability

Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro business offices and small store networking, supporting Wi-Fi 6 technology. The Tenda W30E suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failin...

Unspecified Vulnerability in Tenda AC500 (CNVD-2024-23312)

The Tenda AC500 is a Gigabit port access controller from Tenda, China. A security vulnerability exists in Tenda AC500 version 2.0.1.91307, which originates from a buffer overflow issue in the cmdinput parameter of the formexeCommand method of the /goform/execCommand file. No details of the...

CVE-2024-32314

Tenda AC500 V2.0.1.91307 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

CVE-2024-32314

Tenda AC500 V2.0.1.91307 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

CVE-2024-32283

Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter...

CVE-2024-32281

Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand function via the cmdinput parameter...

CVE-2024-32314

Tenda AC500 V2.0.1.91307 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

PT-2024-24489 · Tenda · Tenda W30E

Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0 V1.0.1.25633 Description: The issue is a command injection vulnerability in the formexeCommand function via the cmdinput parameter. This allows for potential exploitation. Recommendations: For Tenda W30E version 1.0...

CVE-2024-32314

CVE-2024-32314 affects the Tenda AC500 firmware (version 2.0.1.9(1307)). The vulnerability arises in the formexeCommand function when processing the cmdinput parameter, leading to a command-injection flaw in the device. The available documents identify the vulnerable component and parameter, but ...

Tenda FH1202 安全漏洞

Tenda FH1202 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a total transmission rate of 1200Mbps. The Tenda FH1202 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failing to properly filter...

Tenda FH1203 安全漏洞

Tenda FH1203 is a dual-band wireless router from Tenda China, mainly used for home network coverage. The Tenda FH1203 suffers from a command injection vulnerability that stems from the cmdinput parameter of the formexeCommand method failing to properly filter construct command special characters,...

PT-2024-24482 · Tenda · Tenda F1203

Name of the Vulnerable Software and Affected Versions: Tenda FH1203 version 2.0.1.6 Description: The issue is a command injection vulnerability in the formexeCommand function via the cmdinput parameter. This allows for potential exploitation. Recommendations: For Tenda FH1203 version 2.0.1.6, as ...

CVE-2024-32314

Tenda AC500 V2.0.1.91307 firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter...

Tenda AC18 /goform/exeCommand Command Injection Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands...

CVE-2024-30891

A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...

Tenda AC18 安全漏洞

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands...

PT-2024-23662 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A command injection issue exists, allowing attackers to execute arbitrary commands by constructing cmdinput parameters in the "/goform/exeCommand" API endpoint. Recommendations: For Tenda AC18 versi...

Tenda FH1205 formexeCommand method stack buffer overflow vulnerability

The Tenda FH1205 is a home wireless router from China's Tenda, geared toward the average home network environment, providing wireless connectivity. The Tenda FH1205 suffers from a stack buffer overflow vulnerability that originates from the cmdinput parameter of the formexeCommand method of the...